Your million dollar 0day just got burned and now worth nothing? No worries – we are still interested in your exploit. The value of 0days can range from a few thousands to even a million dollars for a full remote exploit chain and many companies and governments are willing to […]
Resources
What is Mobile Threat Defense? Gartner’s Market Guide for Mobile Threat Defense Solutions
“It is becoming increasingly important that security leaders look at the anti-malware, mobile threat defense solutions market, the products available and how they should be used…” Gartner Market Guide for Mobile Threat Defense Solutions, John Girard, Dionisio Zumerle, 28 July 2016 Mobile Threat Defense (MTD) solutions protect mobile platforms by […]
Detecting Unknown Threats Time After Time
Zuk Avraham, Founder Follow Zuk Avraham (@ihackbanme) Last week, Ian Beer, from the Google Project Zero research team, released his local elevation of privileges exploit targeting iOS 10.1.1 [1]. We immediately understood that we had another opportunity to assess a new zero day exploit against our Machine-Learning attack and exploit […]
Analysis of multiple vulnerabilities in AirDroid
Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2: 06:01PM PDT: edited timeline to reflect 4.0.0 and 4.0.1 release dates and confirming that both versions are still vulnerable. Edit3: Dec 12th, 2016, 10:41AM PDT: edited timeline to reflect […]
Zimperium users are safe from Gooligan
Zimperium users are safe from Gooligan. A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users. “Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk […]
SoftBank goes live with Security Checker, Powered by ZIMPERIUM™
Mobile devices are critical in today’s connected business world. Yet, very few companies have visibility into mobile platforms to identify cyberattacks, vulnerabilities and unknown threats targeting their customers’ personal data and confidential business information. Softbank gets it. As the third largest public company in Japan, SoftBank is a Japanese multinational […]
Mobile Security Is National Security
Whether deployed to steal ammo for political scandals or classified documents for military sabotage, a cyberattack on a mobile device with access to sensitive information is a matter of national security. And yet, mobile devices are often left out of the national security conversation. Obama’s recently implemented Cybersecurity National Action […]
Browser-based CVE-2015-3864 Metasploit Module Now Available for Testing
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck) Last year, we disclosed a series of critical vulnerabilities within Android’s multimedia processing code — libstagefright. We promised to release the exploit for testing purposes and quickly published our exploit for CVE-2015-1538 targeting the Galaxy Nexus running Android 4.0.4. […]
Zimperium Partners with BlackBerry to Provide Mobile Threat Detection
I am very excited our strategic partnership with BlackBerry is gaining momentum. zIPS and BlackBerry’s Good Dynamics Secure Mobility Platform and BES12 are integrated to deliver enterprise and government customers with comprehensive mobile threat detection, risk analysis and prevention for both iOS and Android devices. “Good Dynamics and BES12 integrated with Zimperium […]
Understanding – “Pegasus” a Targeted Attack Remotely Infecting iOS Devices
Pegasus is a sophisticated trojan targeting the iOS platform. It provides an attacker abilities to remotely monitor and capture communication from a device (including calls, texts, Whatsapp, Viber, etc). A successful attack transforms a device running iOS into a powerful surveillance tool. This is a persistent attack and enables an […]